Wp Chill Wp Chill

  1. Vendors
  2. Wp Chill

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Wp Chill product.

RSS Feeds for Wp Chill security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Wp Chill products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Wp Chill Sorted by Most Security Vulnerabilities since 2018

Wp Chill Filr Protection3 vulnerabilities

Wp Chill Strong Testimonials3 vulnerabilities

Wp Chill Content Protector2 vulnerabilities

Wp Chill Final Tiles Grid Gallery Lite2 vulnerabilities

Wp Chill Modula Best Grid Gallery2 vulnerabilities

Wp Chill Rsvp2 vulnerabilities

Wp Chill Download Monitor1 vulnerability

Wp Chill Htaccess File Editor1 vulnerability

Wp Chill Photoblocks Grid Gallery1 vulnerability

Wp Chill Revive So1 vulnerability

By the Year

In 2026 there have been 11 vulnerabilities in Wp Chill with an average score of 6.5 out of ten. Last year, in 2025 Wp Chill had 4 security vulnerabilities published. That is, 7 more vulnerabilities have already been reported in 2026 as compared to last year. Last year, the average CVE base score was greater by 1.00

Year Vulnerabilities Average Score
2026 11 6.50
2025 4 7.50
2024 3 0.00

It may take a day or so for new Wp Chill vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Wp Chill Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-39561 Apr 08, 2026
Missing Auth CVE-2026-39561 WP Revive.so <=2.0.7 Access Control Flaw Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7.
Revive So
CVE-2026-39536 Apr 08, 2026
WP Chill RSVP Sensitive Data Leak <=2.7.16 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.
Rsvp
CVE-2026-39510 Apr 08, 2026
[WP Chill] Final Tiles Grid <=3.6.11 Auth Bypass via User-Controlled Key Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.
Final Tiles Grid Gallery Lite
CVE-2026-39486 Apr 08, 2026
WP-Chill Download Monitor <=5.1.8 SQL Injection (Blind) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through <= 5.1.8.
Download Monitor
CVE-2026-28133 Mar 05, 2026
WP Chill Filr Unrestricted File Upload <=1.2.12 Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through <= 1.2.12.
Filr Protection
CVE-2026-25375 Feb 19, 2026
WP Chill Image Photo Gallery Final Tiles Grid <=3.6.10: Missing Auth (A) Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.10.
Final Tiles Grid Gallery Lite
CVE-2026-25036 Feb 03, 2026
WP Chill Passster <=4.2.25 Missing Auth, ACL Bypass Missing Authorization vulnerability in WP Chill Passster content-protector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Passster: from n/a through <= 4.2.25.
Content Protector
CVE-2026-24957 Feb 03, 2026
WP Chill Strong Testimonials Missing Auth Vulnerability 3.2.20 Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through <= 3.2.20.
Strong Testimonials
CVE-2026-24939 Feb 03, 2026
Missing Auth in WP Modula Image Gallery <=2.13.6 Missing Authorization vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Modula Image Gallery: from n/a through <= 2.13.6.
Modula Best Grid Gallery
CVE-2026-24389 Jan 22, 2026
WP PhotoBlocks DOM XSS <=1.3.2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Gallery PhotoBlocks photoblocks-grid-gallery allows DOM-Based XSS.This issue affects Gallery PhotoBlocks: from n/a through <= 1.3.2.
Photoblocks Grid Gallery
CVE-2026-23976 Jan 22, 2026
Modula Image Gallery <=2.13.4 WP: Stored XSS via modula-best-grid-gallery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Modula Image Gallery modula-best-grid-gallery allows Stored XSS.This issue affects Modula Image Gallery: from n/a through <= 2.13.4.
Modula Best Grid Gallery
CVE-2025-64230 Dec 18, 2025
WP Chill Filr <=1.2.10 Path Traversal (filr-protection) Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Chill Filr filr-protection allows Path Traversal.This issue affects Filr: from n/a through <= 1.2.10.
Filr Protection
CVE-2025-64218 Dec 18, 2025
WP Chill Passster <=4.2.19 Sensitive Data Exfil by Content-Protector Insertion of Sensitive Information Into Sent Data vulnerability in WP Chill Passster content-protector allows Retrieve Embedded Sensitive Data.This issue affects Passster: from n/a through <= 4.2.19.
Content Protector
CVE-2025-26975 Feb 25, 2025
Strong Testimonials <=3.2.3 Missing Auth ACL WP Chill WordPress Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Strong Testimonials: from n/a through <= 3.2.3.
Strong Testimonials
CVE-2025-24683 Jan 24, 2025
WPChill RSVP & Event Mgmt Plugin <=2.7.14: SQLi Vulnerability Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14.
Rsvp
CVE-2024-49256 Nov 01, 2024
WPChill Htaccess File Editor 1.0.18 Incorrect Authorization Vulnerability Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through <= 1.0.18.
Htaccess File Editor
CVE-2024-47362 Nov 01, 2024
WPChill Strong Testimonials 3.1.16: Missing Authorization Vulnerability in Access Control Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.This issue affects Strong Testimonials: from n/a through <= 3.1.16.
Strong Testimonials
CVE-2024-43216 Aug 12, 2024
Filr Secure Document Library v1.2.4 Stored XSS Vulnerability (CVE-2024-43216) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Chill Filr filr-protection.This issue affects Filr: from n/a through <= 1.2.4.
Filr Protection
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.